Thursday, February 18, 2016

Question of the Week No. 6

Should Congress enact a statute that requires any designer of an operating system for a smartphone or tablet manufactured, leased or sold in the United States to ensure that data on such devices is accessible pursuant to a search warrant?
Posted by at

11 comments:

  1. UnknownFebruary 18, 2016 at 9:03 PM

    This is a very tough issue. On the one hand, it is easy to see where law enforcement is coming from, if they have a warrant then they should be able to access the material they obtained the warrant for. On the other hand, people's privacy should be protected as well as is possible by our current technology. The encryption of these phones is not specifically meant to keep law enforcement out of people's communication and lives, it is meant to keep everyone out. To me, the solution would be to have the phones encrypted and heavily secured but have some sort of jailbreak code that could be used in the case of a search warrant. A code that would allow access but that could only be used by certain officials for certain reasons. That way, we could have security for personal reasons, but if there were cases that required access to the person's phone, and there was a valid search warrant, access could be granted.

    ReplyDelete
  2. UnknownFebruary 18, 2016 at 11:18 PM

    My gut reaction to this is no, there should not be a statute requiring devices to be accessible pursuant to a search warrant. I understand the need to stop crime and that valuable evidence may be on smart phones and why law enforcement would have an interest in that. However, the information on our smart phones can be very sensitive. People put important information in their phones, like banking information and daily to-do lists. Smart phones often times run people's day-to-day lives. I don't believe that law enforcement is "out to get" the public as it were but I do think that the general citizenry should have some protection from the government peering into the intimate details of their lives, regardless of a search warrant. Besides, if that feature is integrated into operating systems who is to say that third parties can't manipulate the feature to steal information? I don't think there should be a "back door" to smartphones or tablets at all.

    ReplyDelete
  3. UnknownFebruary 19, 2016 at 9:52 AM

    I also understand this argument from the point of view of law enforcement, and can see the potential crime fighting benefits of such a statute. However, when I think about what a smartphone is commonly used for these days, and the extent to which it is used, I am inclined to answer no. A smartphone acts as an intermediary device for so much communication - text, email, social network, voice and video calls, banking, etc. - that it has become vital to modern life. This is what draws a line in the sand for me, I do not believe communication data should be an available tool for law enforcement, even with a search warrant. Communication is not like physical evidence of a crime, like that which might be found in a person's home. Which communication can be incriminating, I would argue that a text about a potential drug sale is less incriminating than the physical drugs found on one's property. Such 'evidence' could have been miscommunicated, misunderstood, or out of context in numerous ways. The physical possession of illicit objects is much less likely to contain similar pitfalls. So I do not believe there should be some sort of "back door" to smartphones, mostly based on the premise that I do not believe communication should hold the same liability as physical malfeasance, and should remain entitled to certain protections.

    ReplyDelete
  4. SteffiFebruary 19, 2016 at 12:45 PM

    No, the government should not require manufacturers to install backdoors into all computing devices. Even with a search warrant, there should still be limits to the government’s ability to examine private data. Many search warrants cone with stipulations and a scope. If an automatic backdoor was available, this scope could easily be violated. Another concern is hackability. If there is a backdoor, how secure can the data really be? And can this backdoor be accessed remotely? If so, it could be argued that the first privacy tort is being violated, if the subject is in a situation where they have a reasonable expectation of privacy, and especially if the subject is doing something outside the scope of the warrant.

    ReplyDelete
  5. Josh ChristensenFebruary 19, 2016 at 3:08 PM

    Absolutely not. Even if it were to be put in place, any conceivable application of this idea is bound to be insecure and ineffective. Lets say that the United States Government manages to force companies to create a backdoor to access cell phones. The first problem I see with this is security. Intentionally creating a way to access a device without its password seems like a surefire way to compromise the security of every single device this system is used on. The government's track record in securing their data is already abysmal (http://reason.com/archives/2015/06/26/federal-cybersecurity-bad-enough-for-gov), and not even an organization as secure as google is immune from data breaches (http://www.pcworld.com/article/186719/article.html). What's to stop this backdoor (however it ends up being implemented) from being compromised and used for nefarious purposes? A good physical example of this are the TSA's approved luggage locks. The locks have a master key to allow the TSA to access the luggage, while supposedly leaving it "secure". However, the master keys have been leaked, and then 3D printed, leaving every single suitcase that uses these locks insecure. On top of that disaster waiting to happen, you also have the fact that the capability will prove useless when it's needed most. Even if there were a backdoor to a phone operating system, what's to stop a user from adding another layer of encryption on top of that? The hard drive of the laptop I'm using is encrypted, not using anything provided by a company, but using community created, open source software. The US can legislate all it wants, but it can't truly weaken encryption, only weaken the security of the common citizen, the ones who rely on default software. Encryption, at its core, is math, and math doesn't respond to search warrants or legislation.

    ReplyDelete
  6. UnknownFebruary 19, 2016 at 9:42 PM

    There should absolutely not be backdoors in encryption. Pretty much all my main points were made by Josh. The problem with a backdoor or master key is that once it's issued it is incredibly hard to revoke. These things always end up leaked, and then everyone can break into everything. See the AACS encryption key (DVDs) controversy and the TSA master key. These measures help law enforcement in a small way while helping criminals in a big way.

    ReplyDelete
  7. JunkangFebruary 19, 2016 at 11:52 PM

    No, I don't think that Congress should enact such statute. Reading Apple's CEO, Tim Cook's statement, he brings up a good point that while the government argues that the tool could only use the tool once, it's simply not true and can be used over and over. The need for encryption is not limited to just criminals as Josh mentioned. Encryption is useful and allows our data to be secure. Common people have access to one of the most common type of encryption standard, the AES system, which is also used by governments worldwide.

    In Apple's case, the FBI wants Apple to create a custom version of iOS that would load in RAM so the version of iOS would allow the FBI unlimited guesses at the passcode without being locked out. If Apple were to give create a custom firmware and give their master key to the FBI, then the FBI would be able to use this on devices that is sold outside the United States since Apple is an international company.

    ReplyDelete
  8. UnknownFebruary 20, 2016 at 3:24 PM

    I don't think that we should assume that this will be abused. While it is possible that a back door could be used in an unlawful way I think that that it is something that should be dealt with if it becomes a problem.

    ReplyDelete
  9. UnknownFebruary 20, 2016 at 5:55 PM

    My thoughts on this are similar to Mary's. I do understand the point of view that smart phones contain a lot of sensitive information and should be protected, but I think that a search warrant is an appropriate reason to seize that information. I'm not entirely sure what all would go into creating a backdoor into an operating system, but if it is not something that is overwhelmingly difficult and would not make it easier for potential hacking into, I think this could be a way to help law enforcement. A warrant requires a judge's signature and is not a free pass for law enforcement to go through our phones. It is a way for law enforcement to gain access only after having some significant reason.

    ReplyDelete
  10. UnknownFebruary 21, 2016 at 10:24 PM

    I have to go with no on this one. As has been mentioned I understand the seeming importance of having such a statute - it would be very beneficial in cases involving terrorism, and other crisis/grave situations. However, as we have discussed in class, smartphones are much, much more than just phones for us in this day and age. It contains so much information and is so integrated into our lives, that we NEED at least one degree of privacy. Though the possibility of abuse is there, it also opens potential doors to hackers, and others who may have malicious intent. When considering something like this with such large ramifications, it's vital to take a step back and look at the potential large-scale effects something like this could have.

    ReplyDelete
  11. UnknownFebruary 22, 2016 at 8:43 AM

    This comment has been removed by the author.

    ReplyDelete

Subscribe to: Post Comments (Atom)